Analysis and control of bifurcation and chaos in averaged queue length in TCP/RED model

This paper studies the bifurcation and chaos phenomena in averaged queue length in a developed Transmission Control Protocol (TCP) model with Random Early Detection (RED) mechanism. Bifurcation and chaos phenomena are nonlinear behaviour in network systems that lead to degradation of the network performance. The TCP/RED model used is a model validated previously. In our study, only the average queue size k q − is considered, and the results are based on analytical model rather than actual measurements. The instabilities in the model are studied numerically using the conventional nonlinear bifurcation analysis. Extending from this bifurcation analysis, a modified RED algorithm is derived to prevent the observed bifurcation and chaos regardless of the selected parameters. Our modification is for the simple scenario of a single RED router carrying only TCP traffic. The algorithm neither compromises the throughput nor the average queuing delay of the system

Modeling and estimation techniques for understanding heterogeneous traffic behavior

The majority of current internet traffic is based on TCP. With the emergence of new applications, especially new multimedia applications, however, UDP-based traffic is expected to increase. Furthermore, multimedia applications have sparkled the development of protocols responding to congestion while behaving differently from TCP. As a result, network traffc is expected to become more and more diverse. The increasing link capacity further stimulates new applications utilizing higher bandwidths of future. Besides the traffic diversity, the network is also evolving around new technologies. These trends in the Internet motivate our research work. In this dissertation, modeling and estimation techniques of heterogeneous traffic at a router are presented. The idea of the presented techniques is that if the observed queue length and packet drop probability do not match the predictions from a model of responsive (TCP) traffic, then the error must come from non-responsive traffic; it can then be used for estimating the proportion of non-responsive traffic. The proposed scheme is based on the queue length history, packet drop history, expected TCP and queue dynamics. The effectiveness of the proposed techniques over a wide range of traffic scenarios is corroborated using NS-2 based simulations. Possible applications based on the estimation technique are discussed. The implementation of the estimation technique in the Linux kernel is presented in order to validate our estimation technique in a realistic network environment

TCP performance enhancement in wireless networks via adaptive congestion control and active queue management

The transmission control protocol (TCP) exhibits poor performance when used in error-prone wireless networks. Remedy to this problem has been an active research area. However, a widely accepted and adopted solution is yet to emerge. Difficulties of an acceptable solution lie in the areas of compatibility, scalability, computational complexity and the involvement of intermediate routers and switches. This dissertation rexriews the current start-of-the-art solutions to TCP performance enhancement, and pursues an end-to-end solution framework to the problem. The most noticeable cause of the performance degradation of TCP in wireless networks is the higher packet loss rate as compared to that in traditional wired networks. Packet loss type differentiation has been the focus of many proposed TCP performance enhancement schemes. Studies conduced by this dissertation research suggest that besides the standard TCP\u27s inability of discriminating congestion packet losses from losses related to wireless link errors, the standard TCP\u27s additive increase and multiplicative decrease (AIMD) congestion control algorithm itself needs to be redesigned to achieve better performance in wireless, and particularly, high-speed wireless networks. This dissertation proposes a simple, efficient, and effective end-to-end solution framework that enhances TCP\u27s performance through techniques of adaptive congestion control and active queue management. By end-to-end, it means a solution with no requirement of routers being wireless-aware or wireless-specific . TCP-Jersey has been introduced as an implementation of the proposed solution framework, and its performance metrics have been evaluated through extensive simulations. TCP-Jersey consists of an adaptive congestion control algorithm at the source by means of the source\u27s achievable rate estimation (ARE) —an adaptive filter of packet inter-arrival times, a congestion indication algorithm at the links (i.e., AQM) by means of packet marking, and a effective loss differentiation algorithm at the source by careful examination of the congestion marks carried by the duplicate acknowledgment packets (DUPACK). Several improvements to the proposed TCP-Jersey have been investigated, including a more robust ARE algorithm, a less computationally intensive threshold marking algorithm as the AQM link algorithm, a more stable congestion indication function based on virtual capacity at the link, and performance results have been presented and analyzed via extensive simulations of various network configurations. Stability analysis of the proposed ARE-based additive increase and adaptive decrease (AJAD) congestion control algorithm has been conducted and the analytical results have been verified by simulations. Performance of TCP-Jersey has been compared to that of a perfect , but not practical, TCP scheme, and encouraging results have been observed. Finally the framework of the TCP-Jersey\u27s source algorithm has been extended and generalized for rate-based congestion control, as opposed to TCP\u27s window-based congestion control, to provide a design platform for applications, such as real-time multimedia, that do not use TCP as transport protocol yet do need to control network congestion as well as combat packet losses in wireless networks. In conclusion, the framework architecture presented in this dissertation that combines the adaptive congestion control and active queue management in solving the TCP performance degradation problem in wireless networks has been shown as a promising answer to the problem due to its simplistic design philosophy complete compatibility with the current TCP/IP and AQM practice, end-to-end architecture for scalability, and the high effectiveness and low computational overhead. The proposed implementation of the solution framework, namely TCP-Jersey is a modification of the standard TCP protocol rather than a completely new design of the transport protocol. It is an end-to-end approach to address the performance degradation problem since it does not require split mode connection establishment and maintenance using special wireless-aware software agents at the routers. The proposed solution also differs from other solutions that rely on the link layer error notifications for packet loss differentiation. The proposed solution is also unique among other proposed end-to-end solutions in that it differentiates packet losses attributed to wireless link errors from congestion induced packet losses directly from the explicit congestion indication marks in the DUPACK packets, rather than inferring the loss type based on packet delay or delay jitter as in many other proposed solutions; nor by undergoing a computationally expensive off-line training of a classification model (e.g., HMM), or a Bayesian estimation/detection process that requires estimations of a priori loss probability distributions of different loss types. The proposed solution is also scalable and fully compatible to the current practice in Internet congestion control and queue management, but with an additional function of loss type differentiation that effectively enhances TCP\u27s performance over error-prone wireless networks. Limitations of the proposed solution architecture and areas for future researches are also addressed

Modeling and estimation techniques for understanding heterogeneous traffic behavior

The majority of current internet traffic is based on TCP. With the emergence of new applications, especially new multimedia applications, however, UDP-based traffic is expected to increase. Furthermore, multimedia applications have sparkled the development of protocols responding to congestion while behaving differently from TCP. As a result, network traffc is expected to become more and more diverse. The increasing link capacity further stimulates new applications utilizing higher bandwidths of future. Besides the traffic diversity, the network is also evolving around new technologies. These trends in the Internet motivate our research work. In this dissertation, modeling and estimation techniques of heterogeneous traffic at a router are presented. The idea of the presented techniques is that if the observed queue length and packet drop probability do not match the predictions from a model of responsive (TCP) traffic, then the error must come from non-responsive traffic; it can then be used for estimating the proportion of non-responsive traffic. The proposed scheme is based on the queue length history, packet drop history, expected TCP and queue dynamics. The effectiveness of the proposed techniques over a wide range of traffic scenarios is corroborated using NS-2 based simulations. Possible applications based on the estimation technique are discussed. The implementation of the estimation technique in the Linux kernel is presented in order to validate our estimation technique in a realistic network environment

Router-based network traffic observation by terminal sliding mode control theory

Since the early days of the Internet, network traffic monitoring (NTM) has always played a strategic role in understanding and characterizing users’ activities. Nowadays, with the increased complexity of the Internet infrastructure, applications, and services, this role has become more crucial than ever. The aims of NTM are mainly focused on the three improvements, which include the quality of service (QoS) of the network, optimization of resource usage, and enhancement of security in computer networks. Specifically speaking, firstly, network conditions can be recognized by the network manager with NTM scheme. It provides the complete details about the QoS of networks, such as bandwidth, throughput, propagation delay, link availability, jitter, server memory, database space and etc. Secondly, with NTM being implemented at network nodes, i.e., network gateways, such as routers, or network links, the network traffic that is traversing the network is under online observation. Thereby, the network utilization can be improved by optimizing the resource usage to avoid the network congestions. Thirdly, unauthenticated service or approaches to the server will be identified by regularly monitoring the traffic. The network convention and statistics about the traffic will be known easily which helps to troubleshoot the network. Security events will also be investigated and the entry of the user will be maintained for responsibility. The work in this thesis focuses on the development of an intelligent real-time dynamic router-based network traffic observation (RNTO) by using the terminal sliding-mode theory. The RNTO technique is applied at network gateways, i.e., routers, to estimate the status of the traffic flows at the router level. The aims of the proposed RNTO technique is to estimate the traffic states, such as queue length (QL)in router buffer, average congestion window size (ACwnd), and the queuing dynamics of the additional traffic flows (ATF). The main contributions of the work can be broadly categorized into four parts. First, the problem of router-based network traffic monitoring is formulated as an observer design by using TSM theory for RNTO applications. The proposed TSM observer in the research is a network-based monitoring, which is implemented into the network gateways, i.e., network routers. Different from the static network traffic monitoring methods, the TSM observer is designed by using control methods based on the fluid-flow mathematical model, which represents the traffic dynamics of the interactions in a set of TCP traffic flows through network routers. By considering the time delay and stochastic properties in the data transmission network, the sliding-mode observation strategy is proposed with its high robustness with system parameter uncertainties as well as the external disturbance rejection. Given the natural weakness of chattering in sliding mode control signal, which can affect the system state, the chattering avoiding technique of the proposed TSM observation was utilized by using a smooth control signal for estimating the abnormal dynamics. It does not need any low-pass filler, which will lead to a phase leg. In addition, for the stochastic dynamics of the network traffics, fast transient convergence at a distance from and within a close range of the equilibrium of the traffic dynamics is essential to quickly capture traffic dynamics in network systems. Thus, a fractional term has been considered in the TSM for faster convergence in system states to efficiently estimate the traffic behaviors. Second, the issue of internal dynamics in network observation system is studied by proposing a novel full-order TSM strategy to speed up the convergence rate of the estimation error. In the RNTO scheme, the precise estimation for ACwnd is needed to estimate the queuing dynamics of ATF. However, the estimation error for ACwnd is not available and it converges to origin asymptotically, which results in a long response time in estimation. The proposed novel TSM observer has been designed to drive the estimation error for ACwnd to a defined known area in the finite-time, which can be calculated. Thereby, the estimation error of ACwnd can converge to origin asymptotically within the defined area. This strategy has shortened the response time and improves the estimation accuracy. This further improves the estimation accuracy for ATF. The comparative studies are conducted to evaluate the performance. Third, the issue of algorithm-efficient RNTO is investigated by considering an event triggered sliding-mode observer to reduce the computational load and the communication burden. Instead of the time-driven observation scheme, the control of the sliding mode observer is formulated under the event triggered scheme. The control of the observer is designed to be smooth and is directly applied to estimate the dynamics of the additional traffic flows. The event triggered observation algorithms is developed to reduce the computational load of the network router and the communication resource of output link in the network. Fourth, the problem of global RNTO is addressed by developing a fuzzy TSM observer by using fuzzy theory to achieve global operation under network uncertainties. The existing RNTO schemes are based on the linearization of a certain network conditions, i.e., a fixed number of TCP connections, which is a constant value N. Given the network suffers from time-varying fading, shadowing and interference and the data rate changes over time, the current methods proposed so far might not effectively and accurately monitor and estimate the traffic dynamics under network uncertainties. The T-S fuzzy models are used to model the traffic dynamics of the time-varying data changes in network link resources, i.e. the time-varying number of TCP sections, N(t) in a mathematical model. Based on the T-S fuzzy models, the fuzzy terminal sliding mode observer is established by using the fuzzy logic theory to estimate the states of the network traffic to achieve the global observation performance under the network uncertainties. In the fuzzy terminal sliding mode observer, the control signal is designed to be continuous for application of estimating the additional traffic flows without the low-pass filter. To evaluate the proposed RNTO technique, the networking simulator tool Network Simulator II (NS-II) has been used. The proposed RNTO algorithms are coded and implemented into network routers in NS-II. Numerous simulation scenarios are considered and performed. The comparative studies are also conducted by analyzing the NS-2 results. The results have demonstrated the effectiveness and efficiency of the proposed RNTO algorithms

MFIRE-2: A Multi Agent System for Flow-based Intrusion Detection Using Stochastic Search

Detecting attacks targeted against military and commercial computer networks is a crucial element in the domain of cyberwarfare. The traditional method of signature-based intrusion detection is a primary mechanism to alert administrators to malicious activity. However, signature-based methods are not capable of detecting new or novel attacks. This research continues the development of a novel simulated, multiagent, flow-based intrusion detection system called MFIRE. Agents in the network are trained to recognize common attacks, and they share data with other agents to improve the overall effectiveness of the system. A Support Vector Machine (SVM) is the primary classifier with which agents determine an attack is occurring. Agents are prompted to move to different locations within the network to find better vantage points, and two methods for achieving this are developed. One uses a centralized reputation-based model, and the other uses a decentralized model optimized with stochastic search. The latter is tested for basic functionality. The reputation model is extensively tested in two configurations and results show that it is significantly superior to a system with non-moving agents. The resulting system, MFIRE-2, demonstrates exciting new network defense capabilities, and should be considered for implementation in future cyberwarfare applications

An adaptive active queue management algorithm in Internet

Ce mémoire ne contient pas de résumé

HFAQM: A hybrid fair active queue management mechanism to improve fairness and stability for wireless local area network

Active Queue Management (AQM) is a proactive scheme that controls network congestion by avoiding it before it happens. When implementing AQM in wireless networks, several contemporary issues must be considered, such as interference, collisions, multipath-fading, propagation distance and shadowing effects, which affect the transmission rate of the links. These issues in WLAN networks with the existence of different types of flow have a direct effect on fairness. The main idea behind the wireless network is using the flexibility of radio waves to transfer data from point to point that is giving WLAN the flexibility and mobility: wireless nodes can connect, disconnect or even move from one access point to another rapidly. However, this affects the stability of the WLAN network. This research aims to reduce unfairness and instability by proposing a Hybrid-Fair AQM (HFAQM) scheme. HFAQM comprises two mechanisms: Congestion Indicator Mechanism (CIM), and Control Function Mechanism (CFM). CIM was designed to improve fairness in WLANs by hybridizing queue delay with arrival rate as parameters to calculate the congestion level. Whereas, CFM was developed to improve network stability by using an adaptive control function with the ability to drop and mark packets to overcome the rapidly changing characteristics of WLAN network. A series of experimental studies were conducted to validate the proposed mechanisms and four variants of AQM schemes, RED, REM, AVQ and CoDel, were chosen to evaluate the performance of HFAQM through simulation. The findings show that HFAQM’s main achievement is 99% fairness and improved stability by 10% from the closest scheme, with better throughput, queue length, queue loss, and outgoing link utilization as secondary achievements. The proposed scheme provides significantly better fairness and stability in WLAN environment, with the existence of different types of flow

Prediction-based techniques for the optimization of mobile networks

Mención Internacional en el título de doctorMobile cellular networks are complex system whose behavior is characterized by the superposition of several random phenomena, most of which, related to human activities, such as mobility, communications and network usage. However, when observed in their totality, the many individual components merge into more deterministic patterns and trends start to be identifiable and predictable. In this thesis we analyze a recent branch of network optimization that is commonly referred to as anticipatory networking and that entails the combination of prediction solutions and network optimization schemes. The main intuition behind anticipatory networking is that knowing in advance what is going on in the network can help understanding potentially severe problems and mitigate their impact by applying solution when they are still in their initial states. Conversely, network forecast might also indicate a future improvement in the overall network condition (i.e. load reduction or better signal quality reported from users). In such a case, resources can be assigned more sparingly requiring users to rely on buffered information while waiting for the better condition when it will be more convenient to grant more resources. In the beginning of this thesis we will survey the current anticipatory networking panorama and the many prediction and optimization solutions proposed so far. In the main body of the work, we will propose our novel solutions to the problem, the tools and methodologies we designed to evaluate them and to perform a real world evaluation of our schemes. By the end of this work it will be clear that not only is anticipatory networking a very promising theoretical framework, but also that it is feasible and it can deliver substantial benefit to current and next generation mobile networks. In fact, with both our theoretical and practical results we show evidences that more than one third of the resources can be saved and even larger gain can be achieved for data rate enhancements.Programa Oficial de Doctorado en Ingeniería TelemáticaPresidente: Albert Banchs Roca.- Presidente: Pablo Serrano Yañez-Mingot.- Secretario: Jorge Ortín Gracia.- Vocal: Guevara Noubi